142 matches found
EUVD-2024-45361
Malicious code in bioql PyPI...
EUVD-2024-42703
Malicious code in bioql PyPI...
EUVD-2024-42689
Malicious code in bioql PyPI...
CVE-2025-10472 harry0703 MoneyPrinterTurbo URL video.py stream_video path traversal
A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element is the function downloadvideo/streamvideo of the file app/controllers/v1/video.py of the component URL Handler. The manipulation of the argument filepath leads to path traversal. The attack can be...
CVE-2025-39714 media: usbtv: Lock resolution while streaming
In the Linux kernel, the following vulnerability has been resolved: media: usbtv: Lock resolution while streaming When an program is streaming ffplay and another program qv4l2 changes the TV standard from NTSC to PAL, the kernel crashes due to trying to copy to unmapped memory. Changing from NTSC...
Akamai and Bitmovin: Revolutionizing Live and On-Demand Video Streaming
Discover how Akamai and Bitmovin’s partnership reduces costs, enhances performance, and delivers personalized video experiences to content providers...
WordPress Easy Video Player Wordpress & WooCommerce Path Traversal Vulnerability
WordPress Easy Video Player Wordpress&WooCommerce is a responsive video player plugin designed for WordPress and WooCommerce, supporting local video playback, cloud platform video streaming, 360 degree video and virtual reality playback. WordPress Easy Video Player Wordpress&WooCommerce suffers...
CVE-2022-41971
Nextcould Talk android is a video and audio conferencing app for Nextcloud. Prior to versions 12.2.8, 13.0.10, 14.0.6, and 15.0.0, guests can continue to receive video streams from a call after being removed from a conversation. An attacker would be able to see videos on a call in a public...
CVE-2005-1897
Unknown vulnerability in FlexCast Audio Video Streaming Server before 2.0 has unknown impact and attack vectors...
Linux Distros Unpatched Vulnerability : CVE-2024-50266
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HWCTRLTRIGGER for vcodec GDSCs A recent change in the venus...
CVE-2024-32876
NewPipe is an Android app for video streaming written in Java. It supports exporting and importing backups, as a way to let users move their data to a new device effortlessly. However, in versions 0.13.4 through 0.26.1, importing a backup file from an untrusted source could have resulted in...
PT-2025-36308
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue where a kernel crash can occur due to trying to copy to unmapped memory. This happens when a program is streaming video and another program changes the...
CVE-2024-50266
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HWCTRLTRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the Lenovo ThinkPad X13s, for example, when streaming video in firefox: videoccmvs0clk status stuck at...
DEBIAN-CVE-2024-50266
In the Linux kernel, the following vulnerability has been resolved: clk: qcom: videocc-sm8350: use HWCTRLTRIGGER for vcodec GDSCs A recent change in the venus driver results in a stuck clock on the Lenovo ThinkPad X13s, for example, when streaming video in firefox: videoccmvs0clk status stuck at...
CVE-2024-50266
CVE-2024-50266 concerns the Linux kernel clk/qcom/videocc-sm8350 path where a venus driver change could cause a stuck vcodec clock (example: video_cc_mvs0_clk) on certain ThinkPad hardware. The issue is triggered by runtime control mode in GDSCs and was resolved by using HW_CTRL_TRIGGER for vcode...
Unauthorized Access Vulnerability in KingH5Stream of Beijing Asian Control Technology Development Co.
KingH5Stream is a live video streaming solution based on HTML5 technology. KingH5Stream by Beijing Asian Control Technology Development Co. Ltd. has an unauthorized access vulnerability that can be exploited by attackers to obtain sensitive information...
CVE-2024-51485 Insufficient Validation in Plugins (Activation/Deactivation) in Ampache
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing fails to properly validate CSRF tokens when activating or deactivating plugins. This vulnerability allows an attacker to exploit CSRF attacks, potentially enabling them to change...
CVE-2024-51486
Ampache (web-based audio/video streaming app and file manager) has a Stored Cross-Site Scripting vulnerability in the interface menu’s Custom URL - Favicon field. The input is not properly sanitized, allowing JavaScript execution. The issue is mitigated by upgrading to version 7.0.1, which is the...
CVE-2024-51489 Insufficient Message Token Validation in Ampache
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users send messages to one another. This vulnerability could be exploited to forge CSRF attacks, allowing an attacker to send messag...
CVE-2024-51489 Insufficient Message Token Validation in Ampache
Ampache is a web based audio/video streaming application and file manager. The current implementation of token parsing does not adequately validate CSRF tokens when users send messages to one another. This vulnerability could be exploited to forge CSRF attacks, allowing an attacker to send messag...